
Cryptolocker [DANGER]

  • W Offline
    watkins
    last edited by watkins 6 Feb 2023, 18:56 28 Oct 2013, 12:24

    Dear All,

    The following was recently circulated by our IT department.

    "Please be very vigilant regarding the Cryptolocker ransomware that is currently in circulation. This particular malware, if opened, will silently encrypt files on a Windows PC, and on any network drive that you can write to. It then attempts to extort hundreds of dollars in return for an unlock key. The University IT Services strongly advise that you should not pay the ransom (there is no guarantee that these crooks will actually release your files even if you do pay).

    At present Cryptolocker’s main vector appears to be e-mail, pretending to be a ‘voice mail’ attachment, but there are also reports of infections spreading via Word or Excel files received by email, or even in shared Dropbox folders. A number of variants have come to light over the last couple of days, and it may adopt further vectors in the next few days. If you believe that you have been affected, please let us know immediately, but please appreciate that we will not be able to recover any files that have been encrypted by Cryptolocker. We may be able to help by restoring files from backups but this may not help with files you have been actively working on. Also backups may be overwritten with encrypted versions of the files if you don’t let us know quickly. If you are managing your own Windows-based system/laptop please check that your regular backups are completing properly.

    Our anti-malware measures have identified and removed dozens of examples of Cryptolocker in the last few days but there is no guarantee that it won't appear in a form that slips through. So please do not open unexpected attachments received by email, particularly if they claim to be voice mail messages from systems you’ve never heard of, or from people you do not know.

    You can find out more at e.g. http://en.wikipedia.org/wiki/CryptoLocker"

    Also this http://www.youtube.com/watch?v=Gz2kmmsMpMI

    Regards,
    Bob

    1 Reply Last reply Reply Quote 0
    • N Offline
      numerobis
      last edited by 28 Oct 2013, 20:49

      thanks!

      @unknownuser said:

      The most widespread variants of the Cryptolocker malware are detected by Kaspersky products with the following verdicts:

      Trojan-Ransom.Win32.Blocker.cfkz, Trojan-Ransom.Win32.Blocker.cmkv, Trojan-Ransom.Win32.Blocker.cggx, Trojan-Ransom.Win32.Blocker.cfow, Trojan-Ransom.Win32.Blocker.cjzj, Trojan-Ransom.Win32.Blocker.cgmz, Trojan-Ransom.Win32.Blocker.cguo, Trojan-Ransom.Win32.Blocker.cfwh, Trojan-Ransom.Win32.Blocker.cllo, Trojan-Ransom.Win32.Blocker.coew.

      To manually prevent the infection:

      You need to prevent the execution of files from:

      %appdata%
      %localappdata%
      %temp%
      %UserProfile%
      compressed archive

      You can set software restriction policies:
      http://technet.microsoft.com/en-us/library...1(v=ws.10.aspx
      http://support.microsoft.com/kb/310791

      http://forum.kaspersky.com/index.php?s=504e39a300584efabfc98b4350acfa30&showtopic=277400

      1 Reply Last reply Reply Quote 0
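Before turning the locations listed in the post above into blocking rules, it helps to see which launches they would catch. The following is an added example, not part of the original post: a small triage script that flags executables started from those locations. The user names, file names and event records are constructed, the default Vista-and-later profile layout is assumed, and the extension list is illustrative.

```python
import ntpath  # Windows path rules, usable on any OS

# Locations named in the post, most specific first: %temp% normally sits
# inside %localappdata%, which sits inside %UserProfile%.
LOCATIONS = ["%temp%", "%localappdata%", "%appdata%", "%UserProfile%"]
EXEC_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif"}  # illustrative

def user_env(user):
    """Assumed default per-user values for the variables in LOCATIONS."""
    profile = "C:\\Users\\" + user
    return {
        "%userprofile%": profile,
        "%appdata%": profile + r"\AppData\Roaming",
        "%localappdata%": profile + r"\AppData\Local",
        "%temp%": profile + r"\AppData\Local\Temp",
    }

def _norm(path):
    # normpath collapses "..\" segments and mixed slashes; normcase lowercases
    return ntpath.normcase(ntpath.normpath(path))

def classify(image_path, user):
    """Return the most specific listed location holding image_path, or None."""
    p = _norm(image_path)
    if ntpath.splitext(p)[1] not in EXEC_EXT:
        return None
    env = user_env(user)
    for var in LOCATIONS:
        root = _norm(env[var.lower()])
        # Match on a component boundary so C:\Users\bob2 is not C:\Users\bob
        if p.startswith(root + "\\"):
            return var
    return None

# Constructed process-creation records: (user, image path)
SAMPLE_EVENTS = [
    ("bob", r"C:\Users\bob\AppData\Roaming\Kqzvprm.exe"),
    ("bob", r"C:\Users\bob\AppData\Local\Temp\Temp1_voicemail.zip\voicemail.exe"),
    ("bob", r"C:\Program Files\SketchUp\SketchUp.exe"),
    ("bob", r"C:\Users\bob2\AppData\Roaming\tool.exe"),
    ("alice", r"c:/users/ALICE/Documents/..\AppData\Local\updater.exe"),
    ("alice", r"C:\Users\alice\Documents\model.skp"),
    # A %UserProfile% rule is broad: it also covers ordinary downloads.
    ("alice", r"C:\Users\alice\Downloads\setup.exe"),
]

def triage(events):
    """Keep only the events whose image path falls under a listed location."""
    return [(u, path, loc) for u, path in events if (loc := classify(path, u))]

if __name__ == "__main__":
    for user, path, loc in triage(SAMPLE_EVENTS):
        print(f"{user:6} {loc:15} {path}")
```

Run against real process-creation logs before enforcing a policy, the same check shows which legitimate installers and updaters would need an exception.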
      • M Offline
        Mike Lucey
        last edited by 29 Oct 2013, 07:16

        Thanks Bob, made the post a sticky.

        Support us so we can support you! Upgrade to Premium Membership!

        1 Reply Last reply Reply Quote 0
        • T Offline
          TIG Moderator
          last edited by 29 Oct 2013, 10:23

          Fortunately virus-writers rarely 'support' the MAC OS 😉

          TIG

          1 Reply Last reply Reply Quote 0
          • M Offline
            Mike Lucey
            last edited by 29 Oct 2013, 13:45

            Yep

            Support us so we can support you! Upgrade to Premium Membership!

            1 Reply Last reply Reply Quote 0
            • W Offline
              watkins
              last edited by 29 Oct 2013, 13:58

              The Physics department at Oxford is taking this threat really seriously. Apart from implementing various measures, they are also recommending that people consult this guide:

              CryptoLocker Ransomware Information Guide and FAQ

              This guide provides information and answers to frequently asked questions regarding the CryptoLocker ransomware. It provides a break down of what this infection does, how it encrypts your data, and how you can possibly restore your files.

              BleepingComputer (www.bleepingcomputer.com)

              Hope this helps everyone to understand the threat, and how to avoid being caught out.

              The key advice seems to be 'back up all your files', and preferably on removable storage.

              Kind regards,
              Bob

              1 Reply Last reply Reply Quote 0
              • S Offline
                solo
                last edited by 1 Nov 2013, 18:03

                http://www.makeuseof.com/tag/cryptolocker-is-the-nastiest-malware-ever-heres-what-you-can-do/

                http://www.solos-art.com

                If you see a toilet in your dreams do not use it.

                1 Reply Last reply Reply Quote 0
                • G Offline
                  Gareth
                  last edited by 11 Dec 2013, 22:44

                  It happened yesterday to one of the businesses in my building.

                  He appears to have an inadequate backup system and uses a free version of Antivirus software.

                  He is now paying the ultimate penalty as he appears to have lost about 80% of his files (and still counting)

                  1 Reply Last reply Reply Quote 0
                  • Rich O BrienR Offline
                    Rich O Brien Moderator
                    last edited by 11 Dec 2013, 22:51

                    Wow! That's pretty crazy.

                    Download the free D'oh Book for SketchUp 📖

                    1 Reply Last reply Reply Quote 0
                    • G Offline
                      Gareth
                      last edited by 12 Dec 2013, 01:03

                      yeh it certainly is Rich

                      The guy is a Civil Engineer, in his early to mid 30's....a fit and healthy looking bloke, until now.

                      He is devastated, and looks quite ill.

                      1 Reply Last reply Reply Quote 0
                      • andybotA Offline
                        andybot
                        last edited by 12 Dec 2013, 01:42

                        More info here:

                        http://krebsonsecurity.com/2013/11/how-to-avoid-cryptolocker-ransomware/
                        http://krebsonsecurity.com/2013/11/cryptolocker-crew-ratchets-up-the-ransom/

                        As always - remote backups are absolutely critical if you are running a business. Not using Windows can also be helpful 😛

                        http://charlottesvillearchitecturalrendering.com/

                        1 Reply Last reply Reply Quote 0
                        • S Offline
                          solo
                          last edited by 12 Dec 2013, 02:12

                          @unknownuser said:

                          Not using Windows can also be helpful 😛

                          I'm guessing once Apple becomes a real contender with a fair amount of users it will be a target also, right now they do not have enough users to warrant the effort.

                          http://www.solos-art.com

                          If you see a toilet in your dreams do not use it.

                          1 Reply Last reply Reply Quote 0
                          • R Offline
                            roland joseph
                            last edited by 12 Dec 2014, 08:39

                            Our offices and staff have used Windows to defend Windows (seems simple doesn't it?) for the past 8 years. Since we kicked out the third parties (security experts..lol) there have been no issues at all. There are two groups of people having issues with Windows security, people who don't use Windows, and people who use it and insist on using products other than those developed by Windows to maintain it.

                            1 Reply Last reply Reply Quote 0
                            • R Offline
                              roland joseph
                              last edited by 19 Dec 2014, 13:17

                              "http://www.bleepingcomputer.com/"

                              I went there and I would recommend that you stay away from the site. Like many stories of virus devastation this one is really riddled with bull. The site has some focused obsession with malware. If you run into a room full of people trading "torrents" and talking about security it is best to back out of the room.

                              1 Reply Last reply Reply Quote 0
                              • R Offline
                                roland joseph
                                last edited by 25 Aug 2015, 11:31

                                This forum post is going on three years old now...that's pretty hot... 😆 I guess modeling has become a business for very serious people. No time for frivolity. 😉

                                1 Reply Last reply Reply Quote 0
                                • andybotA Offline
                                  andybot
                                  last edited by 25 Aug 2015, 11:45

                                  @roland joseph said:

                                  This forum post is going on three years old now...that's pretty hot... 😆 I guess modeling has become a business for very serious people. No time for frivolity. 😉

                                  wait, what's wrong with frivolity? Are you trying to encourage it by posting in an old thread? 💚

                                  http://charlottesvillearchitecturalrendering.com/

                                  1 Reply Last reply Reply Quote 0